# anik26271.github.io — MALICIOUS

> PhishDestroy identifies anik26271.github.io as a crypto drainer phishing site with 12/95 VirusTotal detections.

## Summary

PhishDestroy identifies anik26271.github.io as an ACTIVE crypto drainer phishing site posing elevated risk to visitors. The domain leverages GitHub Pages hosting to distribute malicious payloads designed to drain cryptocurrency wallets upon wallet connection attempts. Interacting with this site may result in irreversible asset loss, including tokens and NFTs. Users are strongly advised to avoid any interaction, as the threat actor employs a spoofed interface mimicking legitimate crypto platforms to deceive victims.

This domain was flagged across multiple security platforms, including a 12/95 detection ratio on VirusTotal, indicating partial but significant recognition by antivirus engines. The site is hosted on GitHub’s infrastructure (IP: 185.199.108.153) via GitHub Pages, a legitimate service frequently abused for phishing due to its trusted domain reputation (github.io). While Let’s Encrypt provides a valid SSL certificate, this does not guarantee safety—HTTPS is now standard even on malicious sites to enhance credibility. The domain shows no current presence on major blocklists like Google Safe Browsing or PhishTank at the time of analysis, likely due to its recent deployment. Registrar data indicates GitHub, Inc. as the hosting provider, not the domain owner, reflecting a common tactic to obscure true ownership and evade takedowns.

To mitigate risk, users should immediately block anik26271.github.io using browser-based tools or network-level filters. Never connect cryptocurrency wallets or enter seed phrases on unfamiliar websites, including GitHub Pages-hosted pages. Use hardware wallets for transactions and verify URLs via official project websites or trusted sources. Report this domain to your antivirus vendor, browser security team, and relevant crypto platforms (e.g., MetaMask, Ledger) to prevent further victimization. Organizations should deploy DNS filtering rules to block access to suspicious GitHub Pages domains proactively. Stay vigilant—crypto drainers evolve rapidly, and only verified interfaces should be trusted for digital asset management.

## Threat Details

- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence

- Registrar: GitHub, Inc.
- IP: 185.199.108.153

## Detection Status

- VirusTotal: 12 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence

- Cloudflare Radar: https://radar.cloudflare.com/scan/02d91d1a-cc27-4981-9333-3f5d90153d37
- PhishDestroy: https://phishdestroy.io/domain/anik26271.github.io/
- LLM endpoint: https://phishdestroy.io/domain/anik26271.github.io/llm.txt

## If You Visited This Site

1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---

Report by PhishDestroy | https://phishdestroy.io/domain/anik26271.github.io/

Last updated: 2026-03-26